Cryptowall 2.0

phenom5
Posts: 185
Joined: Tue Jun 03, 2014 8:09 pm
Reputation: 8

Cryptowall 2.0

Post by phenom5 »

Anybody have the pleasure?

We've had several users at my company get hit with this over the last week or so. Nasty stuff, and thanks to their latest iteration it's easier to get, and essentially impossible to get your files back... unless you pay up.
“Using Adobe Flash, the malvertisements silently ‘pull in’ malicious exploits from the FlashPack Exploit Kit. The exploits attack a vulnerability in the end-users’ browser and install CryptoWall 2.0 on end-users’ computers,” the post continued.

“Similar to the behavior of other ransomware, CryptoWall then encrypts the end-users’ hard drive and will not allow access until the victim pays a fee over the internet for the decryption key. Typically, the end-users face an escalating time deadline; failure to pay by the deadline results in their hard drives being permanently encrypted, thus rendered effectively useless, with all information inaccessible.”

Big name sites affected included Yahoo Finance, Fantasy and Sports; AOL; The Atlantic; The Age; Time Out US; and the Sydney Morning Herald.
http://www.infosecurity-magazine.com/ne ... exposed-3/
PieceOfMeat
Posts: 14080
Joined: Thu Jun 05, 2014 9:14 pm
Reputation: 337

Re: Cryptowall 2.0

Post by PieceOfMeat »

Thankfully I've not been struck by that. Though I do have Flash disabled by default, so maybe that has helped? Does it, or can it, encrypt all hard drives or hard drive partitions, or only the hard drive that the OS is running from?

::::Never mind, just read about it, and it's any drive attached to your computer that has a drive letter assigned. Sheesh, what a nasty thing it is.
It's long past time to bring this back to the court, let's do it with a small update:

phenom5
Posts: 185
Joined: Tue Jun 03, 2014 8:09 pm
Reputation: 8

Re: Cryptowall 2.0

Post by phenom5 »

Yeah, nasty. You need to have a backup drive that is only connected during backups to minimize...minimize, not guarantee you will be safe.